Mozilla Products Contain Multiple Vulnerabilities
Systems Affected
- Firefox web browser
- Thunderbird email application
Overview
The Firefox web browser and Thunderbird email application contain several vulnerabilities. By taking advantage of one or more of these vulnerabilities, an attacker may be able to take control of your computer.
Solution
Upgrade to the latest versions of Firefox and Thunberbird
Mozilla has released Firefox 1.5.0.4 to corrrect these problems.
Mozilla has released Thunderbird 1.5.0.4 to correct these problems.
Description
Mozilla products, including the Firefox web browser and Thunderbird email application, contain a number of vulnerabilities. These vulnerabilities may allow an attacker to access your computer, run programs that could cause your computer to crash, or gain control of your computer.
For more technical information, see US-CERT
Technical Alert TA06-153A.
References
- US-CERT Vulnerability Note VU#237257 - <http://www.kb.cert.org/vuls/id/237257>
- US-CERT Vulnerability Note VU#421529 - <http://www.kb.cert.org/vuls/id/421529>
- US-CERT Vulnerability Note VU#575969 - <http://www.kb.cert.org/vuls/id/575969>
- US-CERT Vulnerability Note VU#243153 - <http://www.kb.cert.org/vuls/id/243153>
- US-CERT Vulnerability Note VU#466673 - <http://www.kb.cert.org/vuls/id/466673>
- Mozilla Foundation Security Advisories - <http://www.mozilla.org/security/announce/>
- US-CERT Vulnerability Notes Related to June Mozilla Security Advisories - <http://www.kb.cert.org/vuls/byid?searchview&query=firefox_1504>
- Mozilla Foundation Security Advisories - <http://www.mozilla.org/projects/security/known-vulnerabilities.html>
- Firefox - Rediscover the Web - <http://www.mozilla.com/firefox/>
- Thunderbird - Reclaim your inbox - <http://www.mozilla.com/thunderbird/>
- The SeaMonkey Project - <http://www.mozilla.org/projects/seamonkey/>
- Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/browser_security.html#Mozilla_Firefox>
Feedback can be directed
to US-CERT -->.
Revision History
-
June 2, 2006: Initial release
June 5, 2006: Added product version numbers
Last updated
This product is provided subject to this Notification and this Privacy & Use policy.